/**
 * Send a request signed with the account key, in the format defined by the ACME protocol.
 *
 * The envelope handed to unsignedRequest() has four fields: the plain "header"
 * (algorithm plus the account public key as a JWK), the encoded "protected" header
 * (the same header plus a nonce when one is available), the encoded "payload" and
 * the "signature" computed over "<protected>.<payload>" with the account private key.
 *
 * @param string $method
 * @param string $endpoint
 * @param array  $payload
 * @param bool   $returnJson
 *
 * @throws AcmeCoreServerException When the ACME server returns an error HTTP status code.
 * @throws AcmeCoreClientException When an error occurred during response parsing.
 *
 * @return array|string Array of parsed JSON if $returnJson = true, string otherwise
 */
public function signedRequest($method, $endpoint, array $payload = [], $returnJson = true)
{
    $accountPrivateKey = $this->accountKeyPair->getPrivateKey();
    $keyDetails = $this->keyParser->parse($accountPrivateKey);

    // NOTE(review): the algorithm and key type are fixed to RS256/RSA, so this
    // presumably expects an RSA account key - confirm what getDetail() yields otherwise.
    $jwk = [
        'kty' => 'RSA',
        'n' => $this->base64Encoder->encode($keyDetails->getDetail('n')),
        'e' => $this->base64Encoder->encode($keyDetails->getDetail('e')),
    ];
    $header = ['alg' => 'RS256', 'jwk' => $jwk];

    // The nonce is taken from the Replay-Nonce header of the previous response.
    // NOTE(review): before any response has been received no nonce is added at all,
    // and the header value is used without checking that it is non-empty. Replay
    // protection depends on this value, so confirm callers obtain a response first.
    $protectedHeader = $this->lastResponse
        ? $header + ['nonce' => $this->lastResponse->getHeaderLine('Replay-Nonce')]
        : $header;

    // NOTE(review): json_encode() returns false on failure and neither result is
    // checked here, so a failed encoding would still be signed and sent.
    $encodedProtected = $this->base64Encoder->encode(json_encode($protectedHeader));
    $encodedPayload = $this->base64Encoder->encode(json_encode($payload, JSON_UNESCAPED_SLASHES));

    // The signature covers both encoded parts joined by a dot.
    $signingInput = $encodedProtected . '.' . $encodedPayload;
    $encodedSignature = $this->base64Encoder->encode(
        $this->dataSigner->signData($signingInput, $accountPrivateKey)
    );

    return $this->unsignedRequest(
        $method,
        $endpoint,
        [
            'header' => $header,
            'protected' => $encodedProtected,
            'payload' => $encodedPayload,
            'signature' => $encodedSignature,
        ],
        $returnJson
    );
}
/**
 * {@inheritdoc}
 *
 * Writes the public key, then the private key, serialized with PemEncoder::FORMAT,
 * to private/<domain>/public.pem and private/<domain>/private.pem through save().
 * Any \Exception raised on the way is rethrown as an AcmeCliException that keeps
 * the original exception as its cause.
 */
public function storeDomainKeyPair($domain, KeyPair $keyPair)
{
    try {
        // NOTE(review): $domain is placed in the storage path as given; nothing in
        // this method restricts it to a hostname. Confirm that callers or save()
        // reject path separators and ".." before private key material is written.
        $keyDirectory = 'private/' . $domain;

        $publicPem = $this->serializer->serialize($keyPair->getPublicKey(), PemEncoder::FORMAT);
        $this->save($keyDirectory . '/public.pem', $publicPem);

        // The two writes are independent: if this one fails, public.pem from the
        // step above has already been stored.
        // NOTE(review): access restrictions on private.pem depend on save(), which
        // is not visible here - verify it limits who can read the file.
        $privatePem = $this->serializer->serialize($keyPair->getPrivateKey(), PemEncoder::FORMAT);
        $this->save($keyDirectory . '/private.pem', $privatePem);
    } catch (\Exception $failure) {
        $message = sprintf('Storing of domain %s key pair failed', $domain);

        throw new AcmeCliException($message, $failure);
    }
}